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ABSTRACT EP 4 85887 A2 

A secure communication network serves a plurality of terminals (30, 34, 
38) grouped into different security categories. Each terminal includes a 
replaceable security element (32, 36, 40) containing a security algorithm 
specific to the security category to which the terminal is assigned. Upon 
the breach of a particular security version, the security elements in the 
affected category are replaced with new elements containing a different 
algorithm. The security elements are relatively low cost, and can be 
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INTERNATIONAL PATENT CLASS: H04N-007/16 



...SPECIFICATION signals without any security element installed. 

The present invention can be advantageously used in a satellite 
television system that transmits scrambled television signals for receipt 
by authorized subscribers having the necessary satellite reception 
equipment. In a satellite television system marketed by the VideoCipher 
Division of General Instrument Corporation, details of which are... 

...key" signal is generated by processing an initialization vector signal 
in accordance with the data encryption standard ("DES") algorithm upon 
the algorithm being keyed by a common category key signal. A unique 
scrambling key stream is generated by processing the initialization 
vector signal in... 

...television signal is scrambled in accordance with the scrambling key 
stream. A plurality of unique encrypted category key signals 
individually addressed to different selected subscriber descramblers are 
generated by encrypting the initial common category key signal in 
accordance with the DES algorithm upon the algorithm being keyed by a 
plurality. . . 

...with that descrambler. The scrambled television signal, the 

initialization vector signal, and the plurality of encrypted category 

key signals are broadcast to the descramblers. DES algorithms are 
employed at the descramblers to reproduce the encryption key stream and 
descramble the television signal in accordance therewith. As noted above, 
each descrambler... 



.which unit key is stored in a secure memory for use in reproducing the 
common category key signal when the descrambler is addressed by its 
unique encrypted category key signal. 

As indicated, each terminal in accordance with the present invention is 
supported by its . . . 
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ABSTRACT EP 471373 A2 

A field upgradeable security system deciphers signals received from a 
communication network. An information processor (10) includes a 
receptacle for receiving a replaceable security element (12) . The 
replaceable security element generates a working key (WK) necessary to 
the operation of the information processor. The working key is 
communicated to the information processor encrypted under a secret key 
(A(M) ) . The information processor decrypts the encrypted working key for 
use in deciphering a received communication signal. Additional layers of 
encryption (A(C), U(M), U(C)) can be added to the communications between 
the information processor and security element to increase the level of 
security, (see image in original document) 
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INTERNATIONAL PATENT CLASS: H04N-007/167 



...SPECIFICATION the data necessary to enable the security element to 

generate the working keys required by crypto 24 will be transmitted via 
satellite or other means (e.g., telephone), to enable authorized... 

...In the event remote initialization is not used, information not 

frequently broadcast (i.e., the category key ) can be sent ahead of 
time and stored by the information processor for later transfer... 
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Reproduction of secure keys by using distributed key generation data 
Reproduktion von geschutzten Schlusseln durch Erzeugungsdaten von 

verteilten Schlusseln 
Reproduction de cles protegees en utilisant des donnees de generation de 

cles distribuees 
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conditional access system for DBS by means of secure over-air credit 
transmission having a short cycle time"; 

ABSTRACT EP 343805 A2 

A key security system provides for the reproduction of secure keys by 
using distributed key generation data and a distributed encrypted prekey. 
The system encrypts program key generation data (17) with a program key 
prekey (18) in accordance with a first encryption algorithm to produce 
the program key (20); processes the program key (20) to produce a 
keystream (25); and processes an information signal (26) with the 
keystream to produce a scrambled information signal (27). The program key 
prekey (18) is encrypted with a category key (22) in accordance with a 
second encryption algorithm to produce an encrypted program key prekey 
(23) . The scrambled information signal (27) the program key generation 
data (17) and the encrypted program key prekey (23) are distributed to 
descramblers . The descrambler within the key security system decrypts the 
distributed encrypted program key prekey (23) with the category key (22) 
in accordance with the second encryption algorithm to reproduce the 
program key prekey (18); encrypts the distributed program key generation 
data (17) with the reproduced program key prekey (18) in accordance with 
the first encryption algorithm to reproduce the program key (20); 
processes the reproduced program key (20) to reproduce the keystream 
(25); and processes the distributed scrambled information signal (27) 
with the reproduced keystream (25) to descramble the distributed 
scrambled information signal. The key generation data includes 
authorization data that must be processed by the authorization processor 
(35) in the descrambler in order to enable the descrambler. The use of 
authorization data as key generation data protects the authorization data 
from spoofing attacks. When more data must be protected than a single 
operation of the encryption algorithm can support, then additional data 
blocks are protected by chaining the system, wherein the output from one 
stage forms part of the input to the next. The key generation data for 



the program key incrWTes a sequence number securely associated with the 
category key to thereby "timelock" program key reproduction to the use of 
a current category key and thus prevent an attack based upon the use of 
an obsolete category key. 
ABSTRACT WORD COUNT: 351 
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...SPECIFICATION The first encryption unit 88 encrypts the preencrypted 
program prekey prekey 96 with the CATV category key 83a in accordance 
with a first encryption algorithm, such as the DES algorithm, to 
produce an encrypted program prekey prekey 97. Spotbeam mask data 
indicates geographical regions where descrambling of the broadcast 
television signal is authorized. The encrypted program prekey prekey 97 
in included in the CATV program rekey message 78. 

The second encryption unit 8 9 encrypts the program prekey generation 
data. . . 0-6. 

The decryption unit 168 decrypts the encrypted prekey prekey 97 with 
the CATV category key 83a in accordance with the first algorithm used 
by the encryption unit 88 in the first control computer (Figure 5A) to 
provide reproduce the preencrypted program. . . 
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NOVELTY - Each of an information protection system access control 
system and subscriber terminals include a security module. Security 
modules (30,50) independently generate a symmetrical encryption key as 
a function of unique serial number and public key associated with othe 
security modules. A program encryption key received from a securit 
module (30) is decrypted using a symmetrical key. 

DETAILED DESCRIPTION - An unique serial number (Sid) is generated 
in response to receipt of a particular stimuli via an input terminal. 
The serial number is used to uniquely identify the security module and 
for generating a public key (KPid) as a function of unique serial 
number. The serial number and program encryption key are encrypted 
using device unique key and the encrypted results are stored in a 
memory. An INDEPENDENT CLAIM is also included for the method of 
operating securing module. 

USE - For cable TV network, direct broadcast satellite video 
system. Other examples are facsimile, telephone system. 

ADVANTAGE - Encrypts unique identification key and program 
encryption key using device encryption key and stores the encrypted 
result in memory internal to security module, thus securing the keys 
against misappropriation. 

DESCRIPTION OF DRAWING (S) - The figure shows the block diagram of 
information delivery system. 

Security modules (30,50) 
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Abstract (Basic) : EP 127381 A 

A working key signal is generated by processing an initialisation 
vector signal in accordance with the DES algorithm on the algorithm 
being keyed by a common category key signal or a signal having a 
predetermined relationship to this signal. A unique encryptation key 
stream is generated on processing the initialisation vector signal in 
accordance with DES algorithm on the algorithm being keyed by the 
working key signal. The TV signal is scrambled in accordance with the 
key stream. 

A number of unique encrypted category key signals 
individually addressed to selected subscribers descrambles are operated 
by processing the initial common category key signal in accordance 
with the DES algorithm. The algorithm is keyed by a number of different 
unit key signals unique to different selected descramblers . The 
scrambled signal, initialisation vector signal and encrypted 
category key signals are broadcast to the descramblers . The 
descrambler uses a corresponding tier of DES algorithms to reproduce 
the encryptation key stream which is used to descramble the TV 
signal. Each descrambler has its unique unit key signal stored in a 
secure memory. This is for use in reproducing the common category 
key signal when the descrambler is addressed by its unique encrypted 
category key signal. 

ADVANTAGE - The system is highly secure against unauthorised 
descrambling. At least three levels of encryptation algorithms are 
used in the scrambling and descrambling. 
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Abstract (Basic) : US 4864615 A 

The key security system includes a circuit for encrypting 
first-key generation data with a first-key prekey in accordance with a 
first encryption algorithm to produce a first key. The first key is 
processed to produce a key stream and an information signal and is 
processed with the key stream to produce a scrambled information 
signal. The first-key prekey is encrypted with a second key in 
accordance with a second encryption algorithm to produce an 
encrypted first-key prekey. The scrambled information signal is the 
first-key generation data and the encrypted -first-key prekey are 
distributed and a descrambler includes device for providing the second 
key . 

The distributed encrypted first-key prekey is decrypted with the 
second key in accordance with the second encryption algorithm to 
reproduce the first-key prekey. The distributed first-key generation 
data is encrypted with the reproduced first-key prekey in accordance 
with the first encryption algorithm to reproduce the first key. The 
reproduced first key is processed to reproduce the key stream. The 
distributed scrambled information signal is processed with the 
reproduced key stream to descramble the distributed scrambled 
information signal. 

USE - Descrambling and decrypting systems in communications 
network 
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